محمد Brohi, Cyber Security Analyst

محمد Brohi

Cyber Security Analyst

Fisher and Paykel

Country
New Zealand - Auckland
Education
Master's degree, Communication Systems & Networks
Experience
14 years, 3 months


Work Experience

Total years of experience: 14 years, 3 months

Cyber Security Analyst at Fisher and Paykel
  • New Zealand - Auckland
  • In this position since December 2022

• Demonstrate a deep understanding of security monitoring, threat, and vulnerability management by leveraging Tenable comprehensive scanning and vulnerability management features to enhance security posture and mitigate potential security threats.
• Showcased expertise in utilizing Azure Sentinel's powerful security information and event management (SIEM) capabilities to collect and analyze security data from various sources and supported the measurement and reporting of security metrics to provide insights and recommendations for improving security posture and protecting business assets.
• Experienced in working with and querying security information and event management (SIEM) tools, including Microsoft Sentinel and KQL.
• Knowledge of how to identify and assess threats, and how to develop and implement enterprise-wide mitigation strategies.
• Lead efforts to improve the detection and response of security threats using analytics and automation.
• Work with stakeholders to identify and address any cybersecurity risks.
• Actively ensured the safety and security of all people, assets, systems, and procedures by utilizing Proofpoint advanced email security features to protect against phishing and other email-based threats.
• Knowledge of security compliance and compliance audit processes has been exemplified by utilizing Azure compliance management features to scan and assess systems for compliance with industry regulations and standards, and by utilizing Proofpoint's data loss prevention (DLP) features to prevent unauthorized data leaks and ensure compliance with data protection policies.
• Provided analytical support for regular reporting and to the Digital function by conducting research and analysis of security metrics, incidents, and events/alerts using Tenable, Darktrace, Microsoft Defender, Azure Sentinel, and Proofpoint, leveraging their advanced analytics and reporting capabilities to provide valuable insights and recommendations for improving security posture and protecting business assets.

Senior Manager IT at Pak Oman Micro
  • Pakistan - Karachi
  • In this position since November 2021

● Assisted in the creation of policies, procedures and system hardening guidelines in line with ISO 27001, 27017 and 27018 standards.
● Implements security controls, risk assessment framework, and program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns and advances bank objectives.
● Implements processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts.
● Participated with the internal and external auditors to assist them during annual audits.
● Created secure network designs in line with various security and compliance requirements in line with ISO 27001, 27017 and 27018 along with local and regional security & compliance requirements.
● Implementing FortiGate firewall in line with ISO 27001 compliance.
● OS Hardening according to CIS controls.
● OS Page file implementation according to best practices.
● SSL implementation according to CIS control.
● Applying strong Ciphers according to CIS controls.
● CIS Report
● Installing, configuring & maintenance of AD/DHCP/DNS
● Performing timely backup of servers/services and their Disaster Recovery
● Installing, configuring & maintenance of Webservers
● Maintain best practices on managing systems and services across all environments
● Installing and configuring Windows Server (2008, 2012, 2016, 2019) in line with ISO 27001 and CIS system hardening guidelines
● Data Center Migration from Head Office to co-location.
● Assist vendors to drop network link to 42 U Rack.
● Migrating VMs from Hyper-V to VMware ESXi using VMware Converter.

Cyber Security Architect and Cyber Security Consultant at Alnafi Group
  • Pakistan - Karachi
  • August 2020 to July 2021

● Set and monitor the IT security standards, architecture and requirements ensuring their implementation, as well as leading and monitoring the response and mitigation of the cyber threats and attacks, in coordination with other relevant Group Functions.
● Architected, created configurations and deployed IAM Roles and Policies, CloudTrail, VPC, CloudWatch, S3 Bucket, EC2, ELB-ASG-R53, VPC peering, endpoints configuration, RDS, Elastic Beanstalk, DynamoDB and Route 53 routes in line with ISO 27001, 27017, 27018, 62443, CIS top 20 controls and key business and compliance requirements.
● Define the Unified IT and OT security policy in line with ISO 27001, 27017, 27018, and 27019 standards and supervise its implementation; define the IT security Group policies and guidelines, standardize the IT security processes and harmonize related tools across the Group; lead and monitor the IT security activities.
● Manage IT risks through their detection, identification, monitoring, evaluation and mitigation.
● Apply cyber security risk management principles to conduct quantified assessment of first line SCADA business applications, IT systems and processes according to established ISO 27001 and 27019 ISMS requirements.
● Establish scope of analysis and define analysis success parameters
● Collect relevant data points and guide local IT Security Leadership.
● Review results to identify potential outlier data inputs, identify potential cyber threats, analyze the risks and recommend controls based on the analysis results
● Analyze existing cyber security mitigation strategies / controls and assess their effectiveness
● Writing detailed reports containing findings, observations and recommendations
● Risk Analysis experience in line with ISO 27005 standard.
● A robust understanding of IT and Information Security risk mitigation control processes such as vulnerability and threat management, patch management, penetration testing / red-teaming / cyber-attack simulation
● Understanding how cyber impacts business objectives
● Ability to understand business and technical implications
● Knowledge of cyber threat vectors, both generally and sector-specific
● Knowledge of current cyber threat trends and approaches
● Knowledge of emerging technologies, such as cloud, Internet of Things (IoT), data analytics / machine learning, blockchain / digital currency / distributed ledger technology, Artificial Intelligence
● Excellent hands-on knowledge and understanding of common cyber security technology tools such as firewalls, IDPS, network access control, DDoS mitigation, anti-malware, anti-virus, encryption and authentication, which I use to recommend security and compliance requirements.
● Knowledge of different threat actor categories (nation state, criminal, general hacker, hacktivists) and their common techniques
● Ability to develop and evaluate technology policies, technical engineering standards and operational procedures
● Strong operational focus, ability to drive topics and deliver results even under pressure and time constraints
● Superior communication skills and ability to manage a wide array of different stakeholders
● Good scripting skills in Python and Bash

Computer Network and System Engineer at Northern Borders University
  • Saudi Arabia - Arar
  • December 2009 to July 2020

● Installing and configuring WINDOWS SERVER (2008, 2012, 2016) in line with ISO 27001 and CIS system hardening guidelines
● Installing and configuring EXCHANGE SERVER 2013, 2016 in line with ISO 27001 and CIS guidelines
● Installing and configuring SYSTEM CENTER CONFIGURATION MANAGER (SCCM 2012 R2, 2016) in line with ISO 27001 and CIS guidelines
● Installing and configuring SYSTEM CENTER OPERATION MANAGER (SCOM 2016) in line with ISO 27001 and CIS guidelines
● Assisted in the creation of policies, procedures and system hardening guidelines in line with ISO 27001, 27017 and 27018 standards.
● Participated with the internal and external auditors to assist them during annual audits.
● Created secure network designs in line with various security and compliance requirements in line with ISO 27001, 27017 and 27018 along with local and regional security & compliance requirements.
● Managing and configuring of various CISCO switches.
● Managing and configuring of Cisco routers with RIP, EIGRP, OSPF routing protocols.
● Manage day-to-day IT Operation activities in line with security and compliance requirements
● Participated in internal and external vulnerability scans, authenticated scans, pentesting and application testing.
● Created incident response playbooks and worked with various teams. Deploy and Configure All Windows Versions Using (DVD, RIS, WDS, and Using Third Party Tools).
● Advanced Tasks (RAS, VPN, VPN Site-To-Site) Servers, DMZ Servers Such As (IIS-http, IIS-FTP, File and Printer) Servers and Windows 2003, 2008, 2012, 2016 Servers Such As (DC, DNS, DHCP, TMG, etc.).
● Managing and Monitoring Network Infrastructure (Windows Performance Monitor, Syslog, System Monitor, and Network Monitor).
● Knowledge and implementation of Microsoft Hyper-V, VMware ESX, and VMware Workstations. Practical knowledge and hands-on experience on network components like installation of network cards, 3Com’s 8 & various switches, UTP cabling, patch panel, and troubleshooting the configuration problems of PCs for networks.
● Scripting experience with Python
● Hands-on experience with open source IDS/IPS and web application firewalls.

Educational Background

Master's degree, Communication Systems & Networks
  • at Mehran University of Engineering & Technology
  • November 2006

Got first division.

Bachelor's degree, Computer system
  • at Mehran University of Engineering & Technology
  • December 2003

Got first class first division.

High school or equivalent, Pre Engineering
  • at Public School
  • May 1998

I got Second division.

Bayt.com Tests

Active Directory Test
Score 68%

Specialties & Skills

Microsoft Technologies
Windows Azure
IT Infrastructure
Cloud Computing
Cyber Security
Exchange 2003, 2007, Windows Server 2003, 2008, Linux 9.0, switches, routers, ISA 2004, Backup Exec 11d
AlienVault

Languages

English
Expert

Training and Certifications

AZ-104 Microsoft Azure Administrator (Certificate)
Date attended:
July 2021
Cyber Security Essentials (Training)
Training institute:
GCHQ, UK Boot camp
CISSP boot camp (Training)
Training institute:
Al Nafi Global Institute
CCNA (Certificate)
Date attended:
February 2008
Valid until:
April 2008
Exchange Server 2007 Configuration (Certificate)
Date attended:
February 2009
Valid until:
March 2009
Linux Administration (Certificate)
Date attended:
January 2005
Valid until:
February 2005